Germany's incoming government is throwing its weight behind a ban on the use of biometric identification technologies such as facial recognition in public places. From a report: According to their coalition deal, the Social Democrats (SPD), Greens and liberal Free Democrats (FDP) want to "exclude" biometric recognition in public spaces as well as automated state scoring systems by AI through European law. "Biometric recognition in public spaces as well as automated state scoring systems by AI are to be excluded under European law," reads the coalition agreement, presented on Wednesday.

The EU's Artificial Intelligence Act, proposed in April, creates product safety rules for "high risk" AI that is likely to cause harm to humans. It also bans certain "unacceptable" AI uses, such as social scoring and restricts the use of remote biometric identification in public places from law enforcement, unless it is to fight serious crime, such as terrorism. The AI Act's prohibitions are some of the bill's most contentious articles, and many European countries have yet to decide what they think. Germany's support of a ban could rally other countries to the same view. Belgium and Slovakia have already expressed their support.

In recent years, Amazon has killed or undermined privacy protections in more than three dozen bills across 25 states, as the e-commerce giant amassed a lucrative trove of personal data on millions of American consumers. From a report: Amazon executives and staffers detail these lobbying victories in confidential documents reviewed by Reuters. In Virginia, the company boosted political donations tenfold over four years before persuading lawmakers this year to pass an industry-friendly privacy bill that Amazon itself drafted. In California, the company stifled proposed restrictions on the industry's collection and sharing of consumer voice recordings gathered by tech devices. And in its home state of Washington, Amazon won so many exemptions and amendments to a bill regulating biometric data, such as voice recordings or facial scans, that the resulting 2017 law had "little, if any" impact on its practices, according to an internal Amazon document.

The architect of this under-the-radar campaign to smother privacy protections has been Jay Carney, who previously served as communications director for Joe Biden, when Biden was vice president, and as press secretary for President Barack Obama. Hired by Amazon in 2015, Carney reported to founder Jeff Bezos and built a lobbying and public-policy juggernaut that has grown from two dozen employees to about 250, according to Amazon documents and two former employees with knowledge of recent staffing. One 2018 document reviewing executives' goals for the prior year listed privacy regulation as a primary target for Carney. One objective: "Change or block US and EU regulation/legislation that would impede growth for Alexa-powered devices," referring to Amazon's popular voice-assistant technology. The mission included defeating restrictions on artificial intelligence and biometric technologies, along with blocking efforts to make companies disclose the data they keep on consumers.

The document listed Carney as the goal's "primary owner" and celebrated killing or amending privacy bills in "over 20 states." This story is based on a Reuters review of hundreds of internal Amazon documents and interviews with more than 70 lobbyists, advocates, policymakers and their staffers involved in legislation Amazon targeted, along with 10 former Amazon public-policy and legal employees. It is the third in a series of reports revealing how the company has pursued business practices that harm small businesses or put its own interests above those of consumers. The previous articles showed how Amazon has circumvented e-commerce regulations meant to protect Indian retailers, and how it copied products and rigged search results to promote its own brands over those of other vendors on its India platform.

An anonymous reader quotes a report from Motherboard: The South Korean Ministry of Justice has provided more than 100 million photos of foreign nationals who travelled through the country's airports to facial recognition companies without their consent, according to attorneys with the non-governmental organization Lawyers for a Democratic Society. While the use of facial recognition technology has become common for governments across the world, advocates in South Korea are calling the practice a "human rights disaster" that is relatively unprecedented. "It's unheard-of for state organizations -- whose duty it is to manage and control facial recognition technology -- to hand over biometric information collected for public purposes to a private-sector company for the development of technology," six civic groups said during a press conference last week.

The revelation, first reported in the South Korean newspaper The Hankyoreh, came to light after National Assembly member Park Joo-min requested and received documents from the Ministry of Justice related to a April 2019 project titled Artificial Intelligence and Tracking System Construction Project. The documents show private companies secretly used biometric data to research and develop an advanced immigration screening system that would utilize artificial intelligence to automatically identify airport users' identities through CCTV surveillance cameras and detect dangerous situations in real time. Shortly after the discovery, civil liberty groups announced plans to represent both foreign and domestic victims in a lawsuit.

"We, the NGOs, urge the government to immediately stop the establishment of a biometric monitoring system that is not only illegal but also significantly violates international human rights norms," wrote Advocates for Public Interest Law, MINBYUN -- Lawyers for a Democratic Society, the Institute for Digital Rights, the Joint Committee with Migrants in Korea, and the Korean Progressive Network Jinbonet, in a press release that was translated and provided to Motherboard. Attorneys claim the project directly violates South Korea's Personal Information Protection Act, a law that strictly limits the processing of personal information in the country. Still, the Ministry has yet to announce plans to halt the program, which was scheduled to be completed in 2022.

Whilst the European Parliament has been fighting bravely for the rights of everyone in the EU to exist freely and with dignity in publicly accessible spaces, the government of Portugal is attempting to push their country in the opposite direction: one of digital authoritarianism. From a report: The Portuguese lead organisation in the Reclaim Your Face coalition D3 (Defesa Dos Direitos Digitais) are raising awareness of how the Portuguese government's new proposed video surveillance and facial recognition law amounts to illiberal biometric mass surveillance. Why? Ministers are trying to secretly rush the law through the Parliament, endangering the very foundations of democracy on which the Republic of Portugal rests.

Eerily reminiscent of the failed attempts by the Serbian government just two months ago to rush in a biometric mass surveillance law, Portugal now asked its Parliament to approve a law in a shocking absence of democratic scrutiny. Just two weeks before the national Assembly will be dissolved, the government wants Parliamentarians to quickly approve a law, without public consultation or evidence. The law would enable and encourage widespread biometric mass surveillance -- even though we have repeatedly shown just how harmful these practices are. Reclaim Your Face lead organisation EDRi sent a letter to representatives of Portugal's main political parties, supporting D3's fight against biometric mass surveillance practices that treat each and every person as a potential criminal. Together, we urged politicians to reject this dystopian law.

Apple is making U.S. states foot part of the bill and provide customer support for its plan to turn iPhones into digital identification cards, according to confidential documents obtained by CNBC. From the report: The company requires states to maintain the systems needed to issue and service credentials, hire project managers to respond to Apple inquiries, prominently market the new feature and push for its adoption with other government agencies, all at taxpayer expense, according to contracts signed by four states. Apple announced in June that its users could soon store state-issued identification cards in the iPhone's Wallet app, billing it as a more secure and convenient way for customers to provide credentials in a variety of in-person and remote settings. The feature, when combined with Apple's biometric security measures like Face ID, could cut down on fraud.

But the move has brought questions from industry observers about why local authorities are ceding control of citizens' identities to a $2.46 trillion private corporation. Beyond that, the integration of identity into powerful mobile devices has drawn concern from privacy experts about the risk of dystopian scenarios involving surveillance. The contracts between Cupertino, California-based Apple and states including Georgia, Arizona, Kentucky and Oklahoma provide a rare glimpse into the dealings of the powerful company. Apple is known for its obsession with secrecy. It typically forces potential partners to sign non-disclosure agreements to prevent its documents from spilling into public view.

An anonymous reader quotes a report from The Register: In North Ayrshire Council, a Scottish authority encompassing the Isle of Arran, nine schools are set to begin processing meal payments for school lunches using facial scanning technology. The authority and the company implementing the technology, CRB Cunninghams, claim the system will help reduce queues and is less likely to spread COVID-19 than card payments and fingerprint scanners, according to the Financial Times. Speaking to the publication, David Swanston, the MD of supplier CRB Cunninghams, said the cameras verify the child's identity against "encrypted faceprint templates," and will be held on servers on-site at the 65 schools that have so far signed up. He added: "In a secondary school you have around about a 25-minute period to serve potentially 1,000 pupils. So we need fast throughput at the point of sale." He told the paper that with the system, the average transaction time was cut to five seconds per pupil. The system has already been piloted in 2020 at Kingsmeadow Community School in Gateshead, England. North Ayrshire council said 97 per cent of parents had given their consent for the new system, although some said they were unsure whether their children had been given enough information to make their decision. Seemingly unaware of the controversy surrounding facial recognition, education solutions provider CRB Cunninghams announced its introduction of the technology in schools in June as the "next step in cashless catering."

An anonymous reader quotes a report from ZDNet: In Australia, the country's information commissioner has found that 7-Eleven breached customers' privacy by collecting their sensitive biometric information without adequate notice or consent. From June 2020 to August 2021, 7-Eleven conducted surveys that required customers to fill out information on tablets with built-in cameras. These tablets, which were installed in 700 stores, captured customers' facial images at two points during the survey-taking process -- when the individual first engaged with the tablet, and after they completed the survey. After becoming aware of this activity in July last year, the Office of the Australian Information Commissioner (OAIC) commended an investigation into 7-Eleven's survey.

During the investigation [PDF], the OAIC found 7-Eleven stored the facial images on tablets for around 20 seconds before uploading them to a secure server hosted in Australia within the Microsoft Azure infrastructure. The facial images were then retained on the server, as an algorithmic representation, for seven days to allow 7-Eleven to identify and correct any issues, and reprocess survey responses, the convenience store giant claimed. The facial images were uploaded to the server as algorithmic representations, or "faceprints," that were then compared with other faceprints to exclude responses that 7-Eleven believed may not be genuine. 7-Eleven also used the personal information to understand the demographic profile of customers who completed the survey, the OAIC said.

7-Eleven claimed it received consent from customers who participated in the survey as it provided a notice on its website stating that 7-Eleven may collect photographic or biometric information from users. The survey resided on 7-Eleven's website. As at March 2021, approximately 1.6 million survey responses had been completed. In Australia, an organization is prohibited from collecting sensitive information about an individual unless consent is provided. [...] 7-Eleven [has been ordered] to cease collecting facial images and faceprints as part of the customer feedback mechanism. 7-Eleven has also been ordered to destroy all the faceprints it collected.

The European Parliament today called for a ban on police use of facial recognition technology in public places, and on predictive policing, a controversial practice that involves using AI tools in hopes of profiling potential criminals before a crime is even committed. Politico reports: In a resolution adopted overwhelmingly in favor, MEPs also asked for a ban on private facial recognition databases, like the ones used by the controversial company Clearview AI. The Parliament also supports the European Commission's attempt in its AI bill to ban social scoring systems, such as the ones launched by China that rate citizens' trustworthiness based on their behavior.

The non-biding resolution sends a strong signal on how the Parliament is likely to vote in upcoming negotiations of the AI Act. The European Commission's proposal of the bill restricts the use of remote biometric identification -- including facial recognition technology -- in public places unless it is to fight "serious" crime, such as kidnappings and terrorism. The AI Act's lead negotiator, Brando Benifei and almost all of his co-negotiators from other political groups in the Parliament have called for a blanket ban on facial recognition. This is in stark contrast to policies implemented in some EU member countries, who are keen to use these technologies to bolster their security apparatuses.

Google Photos' Locked Folder feature, which lets you hide sensitive photos and videos from your main library and secure them in a passcode- or biometric-protected folder, is coming to all devices running Android 6 and above. The Verge reports: The feature was released exclusively on newer Pixel phones in June. Google hasn't provided an exact date for when the feature is releasing more widely, noting only that it's "rolling out soon." When it announced the feature onstage at Google I/O in May, Google gave the wholesome example of the feature being used by parents hiding photos of a newly purchased puppy from their children. But I think it's fair to say that most people are going to have very different photos stored in their Locked Folder. I don't know about you, but in all the times I've had to wrench my phone out of someone's hand to stop them scrolling through my photos, it's never been because of a puppy picture.

em1ly shares a report from Motherboard: Amazon delivery drivers say surveillance cameras installed in their vans have made them lose income for reasons beyond their control. In February, Amazon announced that it would install cameras made by the AI-tech startup Netradyne in its Amazon-branded delivery vans as an "innovation" to "keep drivers safe." As of this month, Amazon had fitted more than half of its delivery fleet nationwide with this technology, an Amazon spokesperson told Motherboard. Motherboard spoke to six Amazon delivery drivers in California, Texas, Kansas, Alabama, and Oklahoma, and the owner of an Amazon delivery company in Washington who said that rather than encourage safe driving, Netradyne cameras regularly punish drivers for so-called "events" that are beyond their control or don't constitute unsafe driving. The cameras will punish them for looking at a side mirror or fiddling with the radio, stopping ahead of a stop sign at a blind intersection, or getting cut off by another car in dense traffic, they said.

The Netradyne camera, which requires Amazon drivers to sign consent forms to release their biometric data, has four lenses that record drivers when they detect "events" such as following another vehicle too closely, stop sign and street light violations, and distracted driving. When the camera detects an "event," it uploads the footage to a Netradyne interface accessible to Amazon and its delivery companies, and in some instances, a robotic voice speaks out to the driver: "distracted driving" or "maintain safe distance." Each time the camera registers an event, footage is uploaded into a system, recorded, and affects a score drivers receive at the end of the week for safe driving. Amazon drivers believe that AI-powered surveillance cameras have served as a cost-saving measure for the company. Amazon delivery drivers and delivery companies, known as "delivery service partners," which contract with Amazon and employ drivers, have reported losing income from erroneous citations registered by Netradyne.

An anonymous reader writes: Software used by the Department of Homeland Security to scan the records of millions of immigrants can automatically flag naturalized Americans to potentially have their citizenship revoked based on secret criteria, according to documents reviewed by The Intercept. The software, known as ATLAS, takes information from immigrants' case files and runs it though various federal databases. ATLAS looks for indicators that someone is dangerous or dishonest and is ostensibly designed to detect fraud among people who come into contact with the U.S. immigration system. But advocates for immigrants believe that the real purpose of the computer program is to create a pretext to strip people of citizenship. Whatever the motivation, ATLAS's intended outcome is ultimately deportation, judging from the documents, which originate within DHS and were obtained by the Open Society Justice Initiative and Muslim Advocates through Freedom of Information Act lawsuits.

ATLAS helps DHS investigate immigrants' personal relationships and backgrounds, examining biometric information like fingerprints and, in certain circumstances, considering an immigrant's race, ethnicity, and national origin. It draws information from a variety of unknown sources, plus two that have been criticized as being poorly managed: the FBI's Terrorist Screening Database, also known as the terrorist watchlist, and the National Crime Information Center. Powered by servers at tech giant Amazon, the system in 2019 alone conducted 16.5 million screenings and flagged more than 120,000 cases of potential fraud or threats to national security and public safety. Ultimately, humans at DHS are involved in determining how to handle immigrants flagged by ATLAS. But the software threatens to amplify the harm caused by bureaucratic mistakes within the immigration system, mistakes that already drive many denaturalization and deportation cases. "ATLAS should be considered as suspect until it is shown not to generate unfair, arbitrary, and discriminatory results," said Laura Bingham, a lawyer with the Open Society Justice Initiative. "From what we are able to scrutinize in terms of the end results -- like the disparate impact of denaturalization based on national origin -- there is ample reason to consider ATLAS a threat to naturalized citizens."

The US Patent and Trademark Office has granted a patent to Apple for a dual-display MacBook with a virtual keyboard replacing the traditional keyboard and with the ability to wirelessly charge an iPhone. 9to5Mac reports: As reported by Patently Apple, this patent was submitted three years ago, and only now has Apple won it. With this patent, the company could take a radical path and get rid of a physical keyboard. The interesting thing about this application is that while rumors suggest that Apple will remove the only touchable interface on the MacBook Pro, the Touch Bar, this patent imagines a MacBook with no physical keyboard at all. Patently Apple says this virtual keyboard could be rearranged, swapping the position of the virtual keyboard and trackpad. With a virtual keyboard, Apple could bring gestures from iOS and iPadOS as well, such as pinch, zoom, slide to select, and more. In the patent, Apple says this MacBook includes biometric sensors, which we could interpret as Face ID, fingerprint sensors (aka Touch ID), and a wireless charger, which would be in the left down corner of the notebook.

TikTok's plans to collect biometric identifiers from its users has prompted concern among U.S. lawmakers, who are demanding the company reveal exactly what information it collects and what it plans to do with that data. From a report: In a letter sent earlier this month addressed to TikTok CEO Shou Zi Chew, Sens. Amy Klobuchar (D-MN) and John Thune, (R-SD) say they are "alarmed" by the recent change to TikTok's privacy policy, which allows the company to "automatically collect biometric data, including certain physical and behavioral characteristics from video content posted by its users."

TechCrunch first reported details of the new privacy policy back in June, when TikTok said it will seek "required permissions" to collect "faceprints and voiceprints" where required by law, but failed to elaborate on whether it's considering federal law, states laws, or both (only a handful of U.S. states have biometric privacy laws, including Illinois, Washington, California, Texas and New York). Klobuchar and Thune's letter asks TikTok to explicitly explain what constitutes a "faceprint" and "voiceprint," as well as to explain how this data will be used and how long it will be retained. The senators also quizzed TikTok on whether any data is gathered for users under the age of 18; whether it makes any inferences about its users based on the biometric data it collects; and to provide a list of all third parties that have access to the data.

Thousands of Afghans struggling to ensure the physical safety of their families after the Taliban took control of the country have an additional worry: that biometric databases and their own digital history can be used to track and target them. From a report: U.N. Secretary-General Antonio Guterres has warned of "chilling" curbs on human rights and violations against women and girls, and Amnesty International on Monday said thousands of Afghans - including academics, journalists and activists - were "at serious risk of Taliban reprisals." After years of a push to digitise databases in the country, and introduce digital identity cards and biometrics for voting, activists warn these technologies can be used to target and attack vulnerable groups. "We understand that the Taliban is now likely to have access to various biometric databases and equipment in Afghanistan," the Human Rights First group wrote on Twitter on Monday.

"This technology is likely to include access to a database with fingerprints and iris scans, and include facial recognition technology," the group added. The U.S.-based advocacy group quickly published a Farsi-language version of its guide on how to delete digital history - that it had produced last year for activists in Hong Kong - and also put together a manual on how to evade biometrics. Tips to bypass facial recognition include looking down, wearing things to obscure facial features, or applying many layers of makeup, the guide said, although fingerprint and iris scans were difficult to bypass.

Mastercard, writing in a blog post: In the early age of modern credit cards, they had to write down account information for each card-carrying customer by hand. Later, they used flatbed imprinting machines to record the card information on carbon paper packets, the sound of the swiping of the handle earning them the name, zip-zap machines. (They were also dubbed "knuckle-busters" by the unfortunate clerks who skinned their fingers on the embossing plate.) And how could clerks tell whether the customer was good for the purchase? They couldn't. Credit card companies would circulate a list of bad account numbers each month, and the merchant would have to compare the customers' cards against the list.

The arrival of the magnetic stripe changed all that. An early 1960s innovation largely credited to IBM, the magnetic stripe allowed banks to encode card information onto magnetic tape laminated to the back. It paved the way for electronic payment terminals and chip cards, offering more security and real-time authorization while making it easier for businesses of all sizes to accept cards. That thin stripe has remained a fixture on billions of payment cards for decades, even as technology has evolved. But now the magnetic stripe is reaching its expiration date with Mastercard becoming the first payments network to phase it out.

The shift away from the magnetic stripe points to both consumers changing habits for payments and the development of newer technologies. Today's chip cards are powered by microprocessors that are much more capable and secure, and many are also embedded with tiny antennae that enable contactless transactions. Biometric cards, which combine fingerprints with chips to verify a cardholder's identity, offer another layer of security. Based on the decline in payments powered by magnetic stripes after chip-based payments took hold, newly-issued Mastercard credit and debit cards will not be required to have a stripe starting in 2024 in most markets. By 2033, no Mastercard credit and debit cards will have magnetic stripes, which leaves a long runway for the remaining partners who still rely on the technology to phase in chip card processing.

"New Amazon CEO Andy Jassy is facing questions about how the company plans to use the data it gathers from its newly installed palm-reading scanners in some of the company's retail outlets," reports GeekWire: A group of three U.S. senators — Amy Klobuchar (D-Minn.), Bill Cassidy (R-La.), and Jon Ossoff (D-Ga.) — sent a letter to Jassy asking a series of questions about its new Amazon One program which encourages people to make contactless payments via hand scans in its brick-and-mortar stores, such as Whole Foods. Specifically, the senators expressed concerns about Amazon's own history with its user data...

"Our concerns about user privacy are heightened by evidence that Amazon shared voice data with third-party contractors and allegations that Amazon has violated biometric privacy laws... In contrast with biometric systems like Apple's Face ID and Touch ID or Samsung Pass, which store biometric information on a user's device, Amazon One reportedly uploads biometric information to the cloud, raising unique security risks," they wrote in the letter.

Currently, Amazon is offering $10 in promotional credits to those who enroll their bank accounts in the program and link them to their Amazon accounts. Hot Hardware calls it a "slightly creepy promo," asking "What is the lowest amount you would sell your personal palm print for to a third-party?"

The New York City Police Department has spent over $159 million on surveillance systems and maintenance since 2007 without public oversight, according to newly released documents. Engadget reports: The Legal Aid Society (LAS) and the Surveillance Technology Oversight Project (STOP) obtained the documents from the NYPD, which include contracts with vendors. They show that the NYPD has spent millions on facial recognition, predictive policing tech and other surveillance systems. The NYPD made the purchases through a Special Expenses Fund. It didn't need to gain the approval of the NYC Council or other city officials before signing the contracts, as Wired reports.

STOP and other privacy groups lobbied for the Public Oversight of Surveillance Technology (POST) Act, which passed last year and requires the NYPD to disclose details about its public surveillance infrastructure. The Special Expenses Fund was shut down after the legislation passed. LAS and STOP threatened legal action if the NYPD didn't detail its surveillance practices. Among the documents are contracts for Palantir, American Science and Engineering (which provides x-ray vans that can detect weapons in vehicles 1,500 feet away) and Idemia Solutions, which provides biometric services such as facial recognition. The NYPD also signed a contract with KeyW Corporation for Stingray cell tower simulators.

An anonymous reader quotes a report from Motherboard: Researchers have demonstrated a method to create "master faces," computer generated faces that act like master keys for facial recognition systems, and can impersonate several identities with what the researchers claim is a high probability of success. In their paper (PDF), researchers at the Blavatnik School of Computer Science and the School of Electrical Engineering in Tel Aviv detail how they successfully created nine "master key" faces that are able to impersonate almost half the faces in a dataset of three leading face recognition systems. The researchers say their results show these master faces can successfully impersonate over 40 percent of the population in these systems without any additional information or data of the person they are identifying.

The researchers tested their methods against three deep face recognition systems -- Dlib, FaceNet, and SphereFace. Lead author Ron Shmelkin told Motherboard that they used these systems because they are capable of recognizing "high-level semantic features" of the faces that are more sophisticated than just skin color or lighting effects. The researchers used a StyleGAN to generate the faces and then used an evolutionary algorithm and neural network to optimize and predict their success. The evolutionary strategy then creates iterations, or generations, of candidates of varying success rates. The researchers then used the algorithm to train a neural network, to classify the best candidates as the most promising ones. This is what teaches it to predict candidates' success and, in turn, direct the algorithm to generate better candidates with a higher probability of passing. The researchers even predict that their master faces could be animated using deepfake technology to bypass liveness detection, which is used to determine whether a biometric sample is real or fake.

An anonymous reader quotes a report from Ars Technica: Teleperformance, one of the world's largest call center companies, is reportedly requiring some employees to consent to video monitoring in their homes. Employees in Colombia told NBC News that their new contract granted the company the right to use AI-powered cameras to observe and record their workspaces. The contract also requires employees to share biometric data like fingerprints and photos of themselves, and workers have to agree to share data and images that may include children under 18.

Teleperformance employs over 380,000 people in 83 countries to provide call center services for a range of companies, including Amazon, Apple, and Uber. A company spokesperson told NBC that it is "constantly looking for ways to enhance the Teleperformance Colombia experience for both our employees and our customers, with privacy and respect as key factors in everything we do." Amazon and Apple said that they did not ask Teleperformance for this extra monitoring, and an Apple spokesperson said the company forbids video monitoring of employees by suppliers. A recent Apple audit reportedly found Teleperformance in compliance with this requirement. But Uber apparently requested the ability to monitor some workers. Uber said it wouldn't observe the entire workforce, but the company did not specify which employees would be subject to the new policies. The ride sharing company asked for the monitoring of Teleperformance's remote employees because call center staff have access to customers credit cards and trip details, an Uber spokesperson told NBC News.

How much is your palm print worth? If you ask Amazon, it's about $10 in promotional credit if you enroll your palm prints in its checkout-free stores and link it to your Amazon account. From a report: Last year, Amazon introduced its new biometric palm print scanners, Amazon One, so customers can pay for goods in some stores by waving their palm prints over one of these scanners. By February, the company expanded its palm scanners to other Amazon grocery, book and 4-star stores across Seattle.

Amazon has since expanded its biometric scanning technology to its stores across the U.S., including New York, New Jersey, Maryland, and Texas. The retail and cloud giant says its palm scanning hardware "captures the minute characteristics of your palm -- both surface-area details like lines and ridges as well as subcutaneous features such as vein patterns -- to create your palm signature," which is then stored in the cloud and used to confirm your identity when youâ(TM)re in one of its stores.